Fedora 35: librecad 2021-fa9e3c23f2

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 243

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-fa9e3c23f2
2021-12-01 01:19:37.797801
--------------------------------------------------------------------------------

Name        : librecad
Product     : Fedora 35
Version     : 2.2.0
Release     : 0.11.rc2.fc35
URL         : https://librecad.org/
Summary     : Computer Assisted Design (CAD) Application
Description :
A graphical and comprehensive 2D CAD application.

--------------------------------------------------------------------------------
Update Information:

Update libdxfrw to 1.0.1 (from upstream git). Rebuild librecad against it.  This
fixes CVE-2021-21898, CVE-2021-21899, and CVE-2021-21900.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Nov 22 2021 Tom Callaway  - 2.2.0-0.11.rc2
- rebuild against new libdxfrw
- rebase to 1d31427
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2025628 - CVE-2021-21899 librecad: heap out-of-bounds write in dwgCompressor:copyCompBytes21
        https://bugzilla.redhat.com/show_bug.cgi?id=2025628
  [ 2 ] Bug #2025631 - CVE-2021-21900 librecad: use-after-free in dxfRW:processLType()
        https://bugzilla.redhat.com/show_bug.cgi?id=2025631
  [ 3 ] Bug #2025634 - CVE-2021-21898 librecad: out-of-bounds write in dwgCompressor:decompress18()
        https://bugzilla.redhat.com/show_bug.cgi?id=2025634
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-fa9e3c23f2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 35: librecad 2021-fa9e3c23f2

November 30, 2021
Update libdxfrw to 1.0.1 (from upstream git)

Summary

A graphical and comprehensive 2D CAD application.

Update Information:

Update libdxfrw to 1.0.1 (from upstream git). Rebuild librecad against it. This fixes CVE-2021-21898, CVE-2021-21899, and CVE-2021-21900.

Change Log

* Mon Nov 22 2021 Tom Callaway - 2.2.0-0.11.rc2 - rebuild against new libdxfrw - rebase to 1d31427

References

[ 1 ] Bug #2025628 - CVE-2021-21899 librecad: heap out-of-bounds write in dwgCompressor:copyCompBytes21 https://bugzilla.redhat.com/show_bug.cgi?id=2025628 [ 2 ] Bug #2025631 - CVE-2021-21900 librecad: use-after-free in dxfRW:processLType() https://bugzilla.redhat.com/show_bug.cgi?id=2025631 [ 3 ] Bug #2025634 - CVE-2021-21898 librecad: out-of-bounds write in dwgCompressor:decompress18() https://bugzilla.redhat.com/show_bug.cgi?id=2025634

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-fa9e3c23f2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : librecad
Product : Fedora 35
Version : 2.2.0
Release : 0.11.rc2.fc35
URL : https://librecad.org/
Summary : Computer Assisted Design (CAD) Application

News

Advisories

HOWTOs

Features

Benefits & Drawbacks of Using a VPN on Linux
How a WAF Could Improve the Security of Your Linux Web Applications
Installing SurfShark VPN On Kali Linux: The Authoritative Guide
Best Practices for PHP Security
9 Wise Linux Cybersecurity Tips for Businesses

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy